TUD Logo

TUD Home » ... » Privacy and Data Security » Research topics » Multi-lateral Security in and by Distributed Systems

Privacy and Data Security

against racism

Multi-lateral Security in and by Distributed Systems

We define multi-lateral security as security with minimal assumptions on the trustworthiness of communication partners.

Design of Secure Distributed Applications

Multi-laterally secure distributed application software offers certain functionality (e.g., communication, payment, decision support etc.) while at the same time it guarantees protection goals (such as confidentiality, integrity or availability) in bi-lateral and multi-lateral interactions with others. The possibility of contrasting interests between different users has to be considered on principle, and measures for conflict resolution must be built in (Rationale: oftentimes, fraud does not happen if a possibility to police it exists). However, to secure an application against real threats, it is not sufficient to replace the underlying protocols of an existing application with secure equivalents (for example, using encryption to protect contents from access by third parties). Instead, designing multi-laterally secure application starts with an analysis of common and contrasting interests that follow from application requirements and threat scenarios, respectively. Threats are defined in so-called "adversary models", which usually include legitimate users as potential adversaries. Based on these models, suitable protection mechanisms can be selected, if necessary adapted, and re-combined. A final security analysis evaluates to which extent the specified protection goals could be realised. The approach includes design and evaluation of user interfaces to ensure that users with limited knowledge of IT security are enabled to specify their preferences easily. This should minimise the risk of security-critical mistakes.

One of our actual development projects is a multi-laterally secure eLearning application, in which multiple participants can work through teaching contents together (in a so-called "collaborative" environment). Thereby the system allows its users to formulate security preferences with respect to confidentiality of communication contents and circumstances. Security preferences are enforced technically towards the system administrator as well as all other participants.

  • Multilateral Security: Enabling Technologies and Their Evaluation, by A. Pfitzmann, in G. Müller (ed.): Emerging Trends in Information and Communication Security , LNCS 3995, Springer-Verlag, Berlin/Heidelberg, S. 1-13, 2006.
  • Establishing a Privacy-aware Collaborative eLearning Environment, by K. Borcea-Pfitzmann, K. Liesebach and A. Pfitzmann, in Proc. of EADTU Working Conference, Rom, 2005.

Cryptographic Protocols and Algorithms

Cryptographic protocols and algorithms are fundamental building blocks for technical solutions in virtually all of our research fields. Therefore we continuously follow developments in modern cryptography and related areas. We particularly pay attention to security analyses of widely used algorithms. Our speciality in designing cryptographic systems is undeniable digital signatures. These mechanisms prevent fraudulent signatures even if the underlying mathematically assumptions of the signature system turn out to be wrong.

  • How to Break the Direct RSA-Implementation of MIXes, by B. Pfitzmann and A. Pfitzmann, in J.-J. Quisquater und J. Vandewalle (ed.): Advances in Cryptology - Eurocrypt '89, LNCS 434, Springer-Verlag, Berlin/Heidelberg, S. 373-381, 1990.
  • Efficient Software Implementations of (Generalized) DES, by A. Pfitzmann and R. Aßmann, Computers & Security 12 (5), S. 477-500, 1993.

Ubiquitous Computing

Ubiquitous computing is a catchword that subsumes the extreme miniaturisation and distribution of networked devices, equipped with sensors, in the world around us (home, office, car, clothes, products, ...). It includes the possibility to identify objects by unique and remotely accessible identifiers (RFID).

We are interested in ways to realise multi-lateral security in communication between heterogeneous (small) devices connected in dynamic network topologies. This should enable all involved parties (humans and computers) to achieve protection goals in line with their interests.

Privacy-respecting RFID/NFC-based ubiquitous systems

The focus of this research area is on ubiquitous systems based on RFID technology and on rapidly evolving NFC technology. We are interested, how such ubiquitous RFID/NFC-based ubiquitous systems can be constructed in a privacy-preserving way. The pervasive nature of such systems paves the way to the privacy invasion of a qualitatively new scale. This imposes serious challenges to protecting the privacy of the users of such systems.

We are interested in technical means of providing the required privacy protection for emerging ubiquitous systems, both in back-end (e.g. processing centers, bill computation, etc) and in front-end (smart cards, NFC-enabled smart phones, etc.)

The research encompasses theoretical and practical parts. In the theoretical one, the focus is made on analysis of peculiar privacy threats, development of the respecting countermeasures (e.g. a privacy-preserving authentication protocols), etc. The evaluation is performed during the practical part which focuses on the (proof-of-concept) implementation of the developed countermeasures.

The main use case for the research are privacy-respecting e-ticketing systems e-ticketing systems. It is foreseen, however, that more supporting use cases are going to emerge in future.

Contact: M.Sc.Ivan Gudymenko
E-Mail: ivan.gudymenko (at) mailbox.tu-dresden.de, Raum INF 3065

Reputation Systems

In electronic commerce without reputation systems, it is often difficult to distinguish between honest merchants and miscreants. Reputation systems are distributed applications that aggregate quantitative metrics of reputation from many participants &rsquot; individual ratings about other participants. This way to obtain information about the trustworthiness of others replaces the propagation of knowledge through social networks in real life.

Our concepts for multi-laterally secure distributed reputation systems differ from conventional approaches in that they offer valid and reliable metrics without possible privacy-invasive side effects. This means that neither the system administrator nor third parties get to know more than the actual rating about the users&rsquot; private information or their behaviour. Such reputation systems can be integrated into privacy-enhancing identity management systems.

  • Design Options for Privacy-Respecting Reputation Systems within Centralised Internet Communities, by S. Steinbrecher, in S. Fischer-Hübner et al. (Hrsg.): Security and Privacy in Dynamic Environments (Proc. of IFIP International Information Security Conference), Springer-Verlag, Boston, S. 123-134, 2006.

  • Biometrics

    Biometric methods in IT security are tools to verify and authenticate persons by measurement of biological features (e.g. fingerprint, iris pattern). Biometric features are particularly useful for access control, since they do not suffer from shortcomings of other methods (lost passwords or tokens).

    We conduct general security analyses of biometric systems and study new security and privacy risks such systems create.

    • Biometrie wie einsetzen und wie keinesfalls? [Biometrics - how to use and how not to use at all] by A. Pfitzmann, Informatik Spektrum 29 (5), 353-356, 2006.
    Last modified: 29th Aug 2012, 10.40 AM
    Author: Dipl.-Ing. Silvia Labuschke

    Katrin Borcea-Pfitzmann

    Phone: +49 (0) 351 463-38397
    Fax: +49 (0) 351 463-38255
    e-mail contact form

    Ivan Gudymenko

    Phone: +49 (0) 351 463-38436
    Fax: +49 (0) 351 463-38255
    e-mail contact form

    Elke Franz

    Phone: +49 (0) 351 463-38076
    Fax: +49 (0) 351 463-38255
    e-mail contact form

    Stefan Köpsell

    Phone: +49 (0) 351 463-38272
    Fax: +49 (0) 351 463-38255
    e-mail contact form